Use this on Debian based boxes:
Use update-rc.d to create the symlinks to the appropriate runlevel directories.
update-rc.d -f ssh defaults 20
http://stats.denyhosts.net/stats.html
I’d consider it a bad idea to allow remote ssh (ie. via the external interface) to the Untangle ssh server (ie. if you have either manually symlinked /etc/rc3.d/… and /etc/rc5.d/… to /etc/init.d/ssh or have enabled the «Config -> Support -> Allow Untangle Support…» option).
The easiest way to secure the SSH server on Untangle is to bind the server to the LAN (internal interface) IP address rather than the default (which is all interfaces). To do so:
ssh root@your_untangle_server
vi /etc/ssh/sshd_config add a line: ListenAddress 192.168.1.1 save the file. restart ssh: /etc/init.d/ssh restart |
Replace 192.168.1.1 (above) with the internal IP address of your Untangle server.
After restarting ssh, you can connect to it from your internal network but not from the internet such that it won’t be subject to brute force password attacks.
Note: Untangle support will not be able to access your Untangle server so if you rely on their support efforts, don’t do this (or do it and if you need their support, remember to comment out the ListenAddress line and restart ssh).
For extra security:
If you’ve setup other users on Untangle (ie. using useradd from the command line or similar), it’s usually a good idea to set
«PermitRootLogin no» in /etc/ssh/sshd_config to prevent users from logging in as root (since everybody knows that the ssh server has a root account). You may require root access so you’ll need to use «sudo» after you login as non-root. This may be overkill if you’ve restricted external access (as described above) and your LAN is trusted.